← voltar
CVE-2022-21740

Heap overflow in Tensorflow

CVSS 7.6 HIGHEPSS 0.8%CWE-787
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.6EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
03 fev 2022Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Produtos afetados
n/a · n/a